<?php
/**
 * Zend Framework
 * LICENSE
 * This source file is subject to the new BSD license that is bundled
 * with this package in the file LICENSE.txt.
 * It is also available through the world-wide-web at this URL:
 * http://framework.zend.com/license/new-bsd
 * If you did not receive a copy of the license and are unable to
 * obtain it through the world-wide-web, please send an email
 * to license@zend.com so we can send you a copy immediately.
 * @category Zend
 * @package Zend_Mail
 * @subpackage Protocol
 * @copyright Copyright (c) 2005-2012 Zend Technologies USA Inc. (http://www.zend.com)
 * @license http://framework.zend.com/license/new-bsd New BSD License
 * @version $Id: Crammd5.php 24593 2012-01-05 20:35:02Z matthew $
 */
/**
 *
 * @see Zend_Mail_Protocol_Smtp
 */
require_once 'Zend/Mail/Protocol/Smtp.php';

/**
 * Performs CRAM-MD5 authentication
 * @category Zend
 * @package Zend_Mail
 * @subpackage Protocol
 * @copyright Copyright (c) 2005-2012 Zend Technologies USA Inc. (http://www.zend.com)
 * @license http://framework.zend.com/license/new-bsd New BSD License
 */
class Zend_Mail_Protocol_Smtp_Auth_Crammd5 extends Zend_Mail_Protocol_Smtp {

    /**
     * Constructor.
     * @param string $host (Default: 127.0.0.1)
     * @param int $port (Default: null)
     * @param array $config Auth-specific parameters
     * @return void
     */
    public function __construct ($host = '127.0.0.1', $port = null, $config = null) {
        if (is_array ($config)) {
            if (isset ($config['username'])) {
                $this -> _username = $config['username'];
            }
            if (isset ($config['password'])) {
                $this -> _password = $config['password'];
            }
        }
        parent::__construct ($host, $port, $config);
    }

    /**
     *
     * @todo Perform CRAM-MD5 authentication with supplied credentials
     * @return void
     */
    public function auth () {
        // Ensure AUTH has not already been initiated.
        parent::auth ();
        $this -> _send ('AUTH CRAM-MD5');
        $challenge = $this -> _expect (334);
        $challenge = base64_decode ($challenge);
        $digest = $this -> _hmacMd5 ($this -> _password, $challenge);
        $this -> _send (base64_encode ($this -> _username . ' ' . $digest));
        $this -> _expect (235);
        $this -> _auth = true;
    }

    /**
     * Prepare CRAM-MD5 response to server's ticket
     * @param string $key Challenge key (usually password)
     * @param string $data Challenge data
     * @param string $block Length of blocks
     * @return string
     */
    protected function _hmacMd5 ($key, $data, $block = 64) {
        if (strlen ($key) > 64) {
            $key = pack ('H32', md5 ($key));
        } elseif (strlen ($key) < 64) {
            $key = str_pad ($key, $block, "\0");
        }
        $k_ipad = substr ($key, 0, 64) ^ str_repeat (chr (0x36), 64);
        $k_opad = substr ($key, 0, 64) ^ str_repeat (chr (0x5C), 64);
        $inner = pack ('H32', md5 ($k_ipad . $data));
        $digest = md5 ($k_opad . $inner);
        return $digest;
    }

}
